cbac 0.6.10 → 0.7.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 8c041fd3a4befc2208c468e57a7a6a49168d2bd5
4
+ data.tar.gz: c97a35227f58f9f04083e4e88cc1bc42e26a8e2a
5
+ SHA512:
6
+ metadata.gz: 0fa615f6784d84775c61971e234ae419de6ae748ea2229b3cabfa2947c632932a488c68ee814959377cba1239289c82971d34c7aa64fbe322e2e98acecb22ff5
7
+ data.tar.gz: 8d2c9e5b8aa393d896d1e4803536ddafaece144cb4fbfdaa48657eb160c5c9e2cb15b61747b49a5191353deaea469f55e251285e5033b8f854e800704d74edf2
data/.gitignore ADDED
@@ -0,0 +1,4 @@
1
+ nbproject
2
+ pkg
3
+ spec/support/*.sqlite3
4
+ Gemfile.lock
data/.rspec ADDED
@@ -0,0 +1 @@
1
+ --color
data/Gemfile CHANGED
@@ -1,7 +1,3 @@
1
1
  source 'https://rubygems.org'
2
2
 
3
3
  gemspec
4
-
5
- group :release do
6
- gem 'echoe'
7
- end
data/README.rdoc CHANGED
@@ -4,8 +4,9 @@
4
4
  Easy to use, light-weight authorization system for Rails applications.
5
5
 
6
6
  == Update
7
- Version 0.6 contains a few major updates on the system. This is driven by the
8
- feature to be compliant with Rails 3
7
+ Version 0.7 contains several updates on the system. This is driven by the
8
+ wish to be compliant with Rails 4.2, the oldest Rails version that is
9
+ currently under support.
9
10
 
10
11
  == FEATURES:
11
12
  - Authorize users via roles/ groups
data/Rakefile CHANGED
@@ -2,7 +2,7 @@
2
2
  require 'rubygems'
3
3
  require 'rake'
4
4
  require 'rake/testtask'
5
- require 'rake/rdoctask'
5
+ require 'rdoc/task'
6
6
  require 'echoe'
7
7
  require 'cbac/version'
8
8
 
data/cbac.gemspec CHANGED
@@ -1,34 +1,27 @@
1
1
  # -*- encoding: utf-8 -*-
2
2
 
3
3
  Gem::Specification.new do |s|
4
- s.name = "cbac"
5
- s.version = "0.6.10"
4
+ s.name = "cbac"
5
+ s.version = "0.7.0"
6
6
 
7
- s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
8
- s.authors = ["Bert Meerman"]
9
- s.date = "2013-01-09"
10
- s.description = "Simple authorization system for Rails applications. Allows you to develop applications with a mixed role based authorization and a context based authorization model. Does not supply authentication."
11
- s.email = "bertm@rubyforge.org"
12
- s.extra_rdoc_files = ["README.rdoc", "lib/cbac.rb", "lib/cbac/cbac_pristine/pristine.rb", "lib/cbac/cbac_pristine/pristine_file.rb", "lib/cbac/cbac_pristine/pristine_permission.rb", "lib/cbac/cbac_pristine/pristine_role.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/known_permission.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_new_api.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "lib/cbac/version.rb", "lib/generators/cbac/USAGE", "lib/generators/cbac/cbac_generator.rb", "lib/generators/cbac/copy_files/config/cbac.pristine", "lib/generators/cbac/copy_files/config/context_roles.rb", "lib/generators/cbac/copy_files/config/privileges.rb", "lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb", "lib/generators/cbac/copy_files/controllers/memberships_controller.rb", "lib/generators/cbac/copy_files/controllers/permissions_controller.rb", "lib/generators/cbac/copy_files/controllers/upgrade_controller.rb", "lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml", "lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml", "lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml", "lib/generators/cbac/copy_files/initializers/cbac_config.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb", "lib/generators/cbac/copy_files/stylesheets/cbac.css", "lib/generators/cbac/copy_files/tasks/cbac.rake", "lib/generators/cbac/copy_files/views/generic_roles/index.html.erb", "lib/generators/cbac/copy_files/views/layouts/cbac.html.erb", "lib/generators/cbac/copy_files/views/memberships/_update.html.erb", "lib/generators/cbac/copy_files/views/memberships/index.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/index.html.erb", "lib/generators/cbac/copy_files/views/upgrade/index.html.erb", "tasks/cbac.rake"]
13
- s.files = ["Gemfile", "Gemfile.lock", "README.rdoc", "Rakefile", "cbac.gemspec", "config/cbac/context_roles.rb", "config/cbac/privileges.rb", "context_roles.rb", "init.rb", "lib/cbac.rb", "lib/cbac/cbac_pristine/pristine.rb", "lib/cbac/cbac_pristine/pristine_file.rb", "lib/cbac/cbac_pristine/pristine_permission.rb", "lib/cbac/cbac_pristine/pristine_role.rb", "lib/cbac/config.rb", "lib/cbac/context_role.rb", "lib/cbac/generic_role.rb", "lib/cbac/known_permission.rb", "lib/cbac/membership.rb", "lib/cbac/permission.rb", "lib/cbac/privilege.rb", "lib/cbac/privilege_new_api.rb", "lib/cbac/privilege_set.rb", "lib/cbac/privilege_set_record.rb", "lib/cbac/setup.rb", "lib/cbac/version.rb", "lib/generators/cbac/USAGE", "lib/generators/cbac/cbac_generator.rb", "lib/generators/cbac/copy_files/config/cbac.pristine", "lib/generators/cbac/copy_files/config/context_roles.rb", "lib/generators/cbac/copy_files/config/privileges.rb", "lib/generators/cbac/copy_files/controllers/generic_roles_controller.rb", "lib/generators/cbac/copy_files/controllers/memberships_controller.rb", "lib/generators/cbac/copy_files/controllers/permissions_controller.rb", "lib/generators/cbac/copy_files/controllers/upgrade_controller.rb", "lib/generators/cbac/copy_files/fixtures/cbac_generic_roles.yml", "lib/generators/cbac/copy_files/fixtures/cbac_memberships.yml", "lib/generators/cbac/copy_files/fixtures/cbac_permissions.yml", "lib/generators/cbac/copy_files/initializers/cbac_config.rb", "lib/generators/cbac/copy_files/migrate/create_cbac_from_scratch.rb", "lib/generators/cbac/copy_files/stylesheets/cbac.css", "lib/generators/cbac/copy_files/tasks/cbac.rake", "lib/generators/cbac/copy_files/views/generic_roles/index.html.erb", "lib/generators/cbac/copy_files/views/layouts/cbac.html.erb", "lib/generators/cbac/copy_files/views/memberships/_update.html.erb", "lib/generators/cbac/copy_files/views/memberships/index.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_context_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/_update_generic_role.html.erb", "lib/generators/cbac/copy_files/views/permissions/index.html.erb", "lib/generators/cbac/copy_files/views/upgrade/index.html.erb", "migrations/20110211105533_add_pristine_files_to_cbac_upgrade_path.rb", "privileges.rb", "rails/init.rb", "spec/cbac_authorization_check_spec.rb", "spec/cbac_pristine_file_spec.rb", "spec/cbac_pristine_permission_spec.rb", "spec/cbac_pristine_role_spec.rb", "spec/fixtures/controllers/dating/daughter_controller.rb", "spec/rcov.opts", "spec/spec.opts", "spec/spec_helper.rb", "spec/support/schema.rb", "tasks/cbac.rake", "test/fixtures/cbac_generic_roles.yml", "test/fixtures/cbac_memberships.yml", "test/fixtures/cbac_permissions.yml", "test/fixtures/cbac_privilege_set.yml", "test/test_cbac_actions.rb", "test/test_cbac_authorize_generic_roles.rb", "test/test_cbac_context_role.rb", "test/test_cbac_privilege.rb", "test/test_cbac_privilege_set.rb", "test/test_helper.rb", "Manifest"]
14
- s.homepage = "http://cbac.rubyforge.org"
15
- s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Cbac", "--main", "README.rdoc"]
16
- s.require_paths = ["lib"]
17
- s.rubyforge_project = "cbac"
18
- s.rubygems_version = "1.8.24"
19
- s.summary = "CBAC - Simple authorization system for Rails applications."
20
- s.test_files = ["test/test_cbac_privilege.rb", "test/test_cbac_context_role.rb", "test/test_helper.rb", "test/test_cbac_actions.rb", "test/test_cbac_privilege_set.rb", "test/test_cbac_authorize_generic_roles.rb"]
7
+ s.authors = ["Bert Meerman"]
8
+ s.date = "2016-08-15"
9
+ s.description = "Simple authorization system for Rails applications. Allows you to develop applications with a mixed role based authorization and a context based authorization model. Does not supply authentication."
10
+ s.email = "bertm@rubyforge.org"
11
+ s.files = `git ls-files`.split("\n")
12
+ s.homepage = "http://cbac.rubyforge.org"
13
+ s.license = "MIT"
14
+ s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Cbac", "--main", "README.rdoc"]
15
+ s.require_paths = ["lib"]
16
+ s.required_ruby_version = ">= 1.9.3"
17
+ s.required_rubygems_version = ">= 1.8.11"
18
+ s.rubyforge_project = "cbac"
19
+ s.summary = "CBAC - Simple authorization system for Rails applications."
20
+ s.test_files = `git ls-files -- test/*.*`.split("\n")
21
21
 
22
- if s.respond_to? :specification_version then
23
- s.specification_version = 3
24
-
25
- if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
26
- s.add_dependency("rails", ">= 3.0")
27
- s.add_development_dependency("rspec-rails")
28
- s.add_development_dependency("sqlite3")
29
- s.add_development_dependency("database_cleaner")
30
- else
31
- end
32
- else
33
- end
22
+ s.add_development_dependency("database_cleaner", "~> 1.5")
23
+ s.add_development_dependency("rspec-rails", "~> 3")
24
+ s.add_development_dependency("sqlite3", "~> 1.3")
25
+ s.add_runtime_dependency("echoe", "~> 4")
26
+ s.add_runtime_dependency("rails", "~> 4.2")
34
27
  end
data/lib/cbac.rb CHANGED
@@ -47,14 +47,18 @@ module Cbac
47
47
  check_privilege_sets([PrivilegeSet.sets[privilege_set.to_sym]], context)
48
48
  end
49
49
 
50
+ def permitted_for_generic_role?(privilege_set, context)
51
+ Cbac::GenericRole.joins(:generic_role_members, :permissions).exists?(
52
+ 'cbac_memberships.user_id' => current_user(context),
53
+ 'cbac_permissions.privilege_set_id' => privilege_set.id
54
+ )
55
+ end
56
+
50
57
  # Check the given privilege_sets
51
58
  def check_privilege_sets(privilege_sets, context = {})
52
59
  # Check the generic roles
53
60
  return true if privilege_sets.any? { |set|
54
- Cbac::GenericRole.joins(:generic_role_members, :permissions).exists?(
55
- 'cbac_memberships.user_id' => current_user,
56
- 'cbac_permissions.privilege_set_id' => set.id
57
- )
61
+ permitted_for_generic_role?(set, context)
58
62
  }
59
63
 
60
64
  # Check the context roles Get the permissions
@@ -89,8 +93,12 @@ module Cbac
89
93
  end
90
94
 
91
95
  # Default implementation of the current_user method
92
- def current_user_id
93
- session[:currentuser].to_i
96
+ def current_user_id(context = {})
97
+ context[:cbac_user].to_i
98
+ end
99
+
100
+ def current_user(context = {})
101
+ current_user_id(context)
94
102
  end
95
103
 
96
104
  # Load controller classes and methods
@@ -133,7 +133,7 @@ module Cbac
133
133
  # if not, the context role is not found by CBAC and thus will not work
134
134
 
135
135
  # this may be a context role that's already in the database
136
- context_role = use_db ? PristineRole.first(:conditions => {:role_type => PristineRole.ROLE_TYPES[:context], :name => context_role_name.captures[0]}) : nil
136
+ context_role = use_db ? PristineRole.where(role_type: PristineRole.ROLE_TYPES[:context], name: context_role_name.captures[0]).first : nil
137
137
 
138
138
  # this may still be a context role we've seen before...
139
139
  context_role = @context_roles.select do |cr| cr.role_type == PristineRole.ROLE_TYPES[:context] and cr.name == context_role_name.captures[0] end.first if context_role.nil?
@@ -166,7 +166,7 @@ module Cbac
166
166
  return generic_cbac_role
167
167
  end
168
168
  end
169
- role = use_db ? PristineRole.first(:conditions => {:role_type => PristineRole.ROLE_TYPES[:generic], :name => generic_role.captures[0]}) : nil
169
+ role = use_db ? PristineRole.where(role_type: PristineRole.ROLE_TYPES[:generic], name: generic_role.captures[0]).first : nil
170
170
 
171
171
  if role.nil?
172
172
  role = PristineRole.new do |role|
@@ -11,7 +11,7 @@ module Cbac
11
11
  belongs_to :pristine_file, :class_name => "Cbac::CbacPristine::AbstractPristineFile"
12
12
 
13
13
  def privilege_set
14
- Cbac::PrivilegeSetRecord.first(:conditions => {:name => privilege_set_name})
14
+ Cbac::PrivilegeSetRecord.where(name: privilege_set_name).first
15
15
  end
16
16
 
17
17
  def operation_string
@@ -48,25 +48,38 @@ module Cbac
48
48
  # checks if the current cbac permissions contains a permission which is exactly like this one
49
49
  def cbac_permission_exists?
50
50
  if pristine_role.role_type == PristineRole.ROLE_TYPES[:context]
51
- Cbac::Permission.count(:joins => [:privilege_set], :conditions => {:cbac_privilege_set => {:name => privilege_set_name}, :context_role => pristine_role.name}) > 0
51
+ Cbac::Permission.joins(:privilege_set).where('cbac_privilege_set.name = ?', privilege_set_name).where(context_role: pristine_role.name).count > 0
52
52
  else
53
- Cbac::Permission.count(:joins => [:generic_role, :privilege_set], :conditions => {:cbac_privilege_set => {:name => privilege_set_name}, :cbac_generic_roles => {:name => pristine_role.name}}) > 0
53
+ Cbac::Permission.joins(:generic_role, :privilege_set).where('cbac_privilege_set.name = ?', privilege_set_name).where('cbac_generic_roles.name' => pristine_role.name).count > 0
54
54
  end
55
55
  end
56
56
 
57
57
  # checks if a pristine permission with the same properties(except line_number) exists in the database
58
58
  def exists?
59
- Cbac::CbacPristine::PristinePermission.count(:conditions => {:privilege_set_name => privilege_set_name, :pristine_role_id => pristine_role_id, :operation => operation}) > 0
59
+ Cbac::CbacPristine::PristinePermission.where(
60
+ privilege_set_name: privilege_set_name,
61
+ pristine_role_id: pristine_role_id,
62
+ operation: operation)
63
+ .count > 0
60
64
  end
61
65
 
62
66
  # checks if a pristine permission with the exact same properties(except line_number), but the reverse operation exists in the database
63
67
  def reverse_exists?
64
- Cbac::CbacPristine::PristinePermission.count(:conditions => {:privilege_set_name => privilege_set_name, :pristine_role_id => pristine_role_id, :operation => reverse_operation}) > 0
68
+ Cbac::CbacPristine::PristinePermission.where(
69
+ privilege_set_name: privilege_set_name,
70
+ pristine_role_id: pristine_role_id,
71
+ operation: reverse_operation)
72
+ .count > 0
65
73
  end
66
74
 
67
75
  # delete the pristine permission with the reverse operation of this one
68
76
  def delete_reverse_permission
69
- reverse_permission = Cbac::CbacPristine::PristinePermission.first(:conditions => {:privilege_set_name => privilege_set_name, :pristine_role_id => pristine_role_id, :operation => reverse_operation})
77
+ reverse_permission = Cbac::CbacPristine::PristinePermission.where(
78
+ privilege_set_name: privilege_set_name,
79
+ pristine_role_id: pristine_role_id,
80
+ operation: reverse_operation)
81
+ .first
82
+
70
83
  reverse_permission.delete
71
84
  end
72
85
 
@@ -86,7 +99,10 @@ module Cbac
86
99
 
87
100
  # checks if the known_permissions table has an entry for this permission
88
101
  def known_permission_exists?
89
- Cbac::KnownPermission.count(:conditions => {:permission_type => pristine_role.known_permission_type, :permission_number => line_number}) > 0
102
+ Cbac::KnownPermission.where(
103
+ :permission_type => pristine_role.known_permission_type,
104
+ :permission_number => line_number
105
+ ).count > 0
90
106
  end
91
107
 
92
108
  # accept this permission and apply to the current cbac permission set
@@ -120,8 +136,8 @@ module Cbac
120
136
  if pristine_role.role_type == PristineRole.ROLE_TYPES[:context]
121
137
  permission.context_role = pristine_role.name
122
138
  else
123
- generic_role = Cbac::GenericRole.first(:conditions => {:name => pristine_role.name})
124
- permission.generic_role = generic_role.nil? ? Cbac::GenericRole.create(:name => pristine_role.name, :remarks => "Autogenerated by Cbac loading / upgrade system") : generic_role
139
+ generic_role = Cbac::GenericRole.where(name: pristine_role.name).first
140
+ permission.generic_role = generic_role || Cbac::GenericRole.where(name: pristine_role.name, remarks: "Autogenerated by Cbac loading / upgrade system").create
125
141
  end
126
142
 
127
143
  register_change if permission.save
@@ -178,7 +194,7 @@ module Cbac
178
194
 
179
195
  # clear the staging area of all generic pristine permissions
180
196
  def self.delete_generic_permissions
181
- generic_staged_permissions = all(:joins => :pristine_role, :conditions => ["cbac_staged_roles.role_type = ?", PristineRole.ROLE_TYPES[:generic]])
197
+ generic_staged_permissions = joins(:pristine_role).where("cbac_staged_roles.role_type = ?", PristineRole.ROLE_TYPES[:generic])
182
198
  generic_staged_permissions.each do |permission|
183
199
  delete(permission.id)
184
200
  end
@@ -186,18 +202,18 @@ module Cbac
186
202
 
187
203
  # clear the staging area of all non generic permissions
188
204
  def self.delete_non_generic_permissions
189
- staged_permissions = all(:joins => :pristine_role, :conditions => ["cbac_staged_roles.role_type != ?", PristineRole.ROLE_TYPES[:generic]])
205
+ staged_permissions = joins(:pristine_role).where("cbac_staged_roles.role_type != ?", PristineRole.ROLE_TYPES[:generic])
190
206
  staged_permissions.each do |permission|
191
207
  delete(permission.id)
192
208
  end
193
209
  end
194
210
 
195
211
  def self.count_generic_permissions
196
- count(:joins => :pristine_role, :conditions => ["cbac_staged_roles.role_type = ?", PristineRole.ROLE_TYPES[:generic]])
212
+ joins(:pristine_role).where("cbac_staged_roles.role_type = ?", PristineRole.ROLE_TYPES[:generic]).count
197
213
  end
198
214
 
199
215
  def self.count_non_generic_permissions
200
- count(:joins => :pristine_role, :conditions => ["cbac_staged_roles.role_type != ?", PristineRole.ROLE_TYPES[:generic]])
216
+ joins(:pristine_role).where("cbac_staged_roles.role_type != ?", PristineRole.ROLE_TYPES[:generic]).count
201
217
  end
202
218
  end
203
219
  end
@@ -33,7 +33,7 @@ module Cbac
33
33
  end
34
34
 
35
35
  def self.admin_role(use_db = true)
36
- admin_role = use_db ? PristineRole.first(:conditions => {:role_type => PristineRole.ROLE_TYPES[:admin]}) : nil
36
+ admin_role = use_db ? PristineRole.where(role_type: PristineRole.ROLE_TYPES[:admin]).first : nil
37
37
 
38
38
  admin_role || PristineRole.new do |role|
39
39
  role.role_id = 1
@@ -1,6 +1,5 @@
1
1
  class Cbac::GenericRole < ActiveRecord::Base
2
2
  self.table_name = "cbac_generic_roles"
3
- attr_accessible :remarks, :name
4
3
 
5
4
  has_many :generic_role_members, :class_name => "Cbac::Membership", :foreign_key => "generic_role_id"
6
5
  has_many :permissions, :class_name => "Cbac::Permission", :foreign_key => "generic_role_id"
@@ -6,10 +6,10 @@ class Cbac::KnownPermission < ActiveRecord::Base
6
6
  @@PERMISSION_TYPES = {:context => 0, :generic => 1}
7
7
 
8
8
  def self.find_context_permissions(conditions = {})
9
- all(:conditions => conditions.merge(:permission_type => @@PERMISSION_TYPES[:context]))
9
+ where(conditions.merge(:permission_type => @@PERMISSION_TYPES[:context])).all
10
10
  end
11
11
 
12
12
  def self.find_generic_permissions(conditions = {})
13
- all(:conditions => conditions.merge(:permission_type => @@PERMISSION_TYPES[:generic]))
13
+ where(conditions.merge(:permission_type => @@PERMISSION_TYPES[:generic])).all
14
14
  end
15
15
  end
@@ -88,7 +88,8 @@ class Privilege
88
88
  def select(controller_method, action_type)
89
89
  action_type = action_type.to_s
90
90
  post_methods = ["post", "put", "delete", "patch"]
91
- if action_type == "get"
91
+ get_methods = ["get", "head"]
92
+ if get_methods.include? action_type
92
93
  privilege_sets = Privilege.get_resources[controller_method]
93
94
  else if post_methods.include?(action_type)
94
95
  privilege_sets = Privilege.post_resources[controller_method]
@@ -19,7 +19,7 @@ class Cbac::PrivilegeSet
19
19
  # check for double creation
20
20
  raise ArgumentError, "CBAC: PrivilegeSet was already defined: #{symbol.to_s}" if @sets.include?(symbol)
21
21
  # Create record if privilege set doesn't exist
22
- record = Cbac::PrivilegeSetRecord.find_or_create_by_name(symbol.to_s)
22
+ record = Cbac::PrivilegeSetRecord.find_or_create_by(name: symbol.to_s)
23
23
  record.set_comment(comment)
24
24
  record.save
25
25
 
data/lib/cbac/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Cbac
2
- VERSION = '0.6.7'
2
+ VERSION = '0.7.0'
3
3
  end
@@ -10,13 +10,13 @@ class Cbac::GenericRolesController < ApplicationController
10
10
  # POST /update
11
11
  def update
12
12
  @role = Cbac::GenericRole.find(params[:id])
13
- @role.update_attributes(params[:cbac_generic_role])
13
+ @role.update_attributes(role_params)
14
14
  redirect_to :action => "index"
15
15
  end
16
16
 
17
17
  # POST /create
18
18
  def create
19
- @role = Cbac::GenericRole.new(params[:cbac_generic_role])
19
+ @role = Cbac::GenericRole.new(role_params)
20
20
  @role.save
21
21
  redirect_to :action => "index"
22
22
  end
@@ -27,4 +27,9 @@ class Cbac::GenericRolesController < ApplicationController
27
27
  @role.delete
28
28
  redirect_to :action => "index"
29
29
  end
30
+
31
+ private
32
+ def role_params
33
+ params.required(:cbac_generic_role).permit(:name, :remarks)
34
+ end
30
35
  end
@@ -5,7 +5,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
5
5
  t.integer :generic_role_id, :default => 0
6
6
  t.string :context_role
7
7
  t.integer :privilege_set_id
8
- t.timestamps
8
+ t.timestamps null: false
9
9
  end
10
10
  end
11
11
 
@@ -13,7 +13,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
13
13
  create_table :cbac_generic_roles do |t|
14
14
  t.string :name
15
15
  t.text :remarks
16
- t.timestamps
16
+ t.timestamps null: false
17
17
  end
18
18
  end
19
19
 
@@ -21,7 +21,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
21
21
  create_table :cbac_memberships do |t|
22
22
  t.integer :user_id
23
23
  t.integer :generic_role_id
24
- t.timestamps
24
+ t.timestamps null: false
25
25
  end
26
26
  end
27
27
 
@@ -29,7 +29,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
29
29
  create_table :cbac_privilege_set do |t|
30
30
  t.string :name
31
31
  t.string :comment
32
- t.timestamps
32
+ t.timestamps null: false
33
33
  end
34
34
  end
35
35
 
@@ -37,7 +37,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
37
37
  create_table :cbac_pristine_files do |t|
38
38
  t.string :type
39
39
  t.string :file_name
40
- t.timestamps
40
+ t.timestamps null: false
41
41
  end
42
42
  end
43
43
 
@@ -49,7 +49,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
49
49
  t.integer :line_number
50
50
  t.string :comment
51
51
  t.text :operation, :limit => 2
52
- t.timestamps
52
+ t.timestamps null: false
53
53
  end
54
54
  end
55
55
 
@@ -58,7 +58,7 @@ class CreateCbacFromScratch < ActiveRecord::Migration
58
58
  t.string :role_type
59
59
  t.string :name
60
60
  t.integer :role_id
61
- t.timestamps
61
+ t.timestamps null: false
62
62
  end
63
63
  end
64
64
 
@@ -16,7 +16,7 @@
16
16
 
17
17
  # Get a privilege set that fulfills the provided conditions
18
18
  def get_privilege_set(conditions)
19
- Cbac::PrivilegeSetRecord.first(:conditions => conditions)
19
+ Cbac::PrivilegeSetRecord.where(conditions).first
20
20
  end
21
21
 
22
22
  # Get a Hash containing all entries from the provided table
@@ -3,7 +3,7 @@ class AddPristineFilesToCbacUpgradePath < ActiveRecord::Migration
3
3
  create_table :cbac_pristine_files do |t|
4
4
  t.string :type
5
5
  t.string :file_name
6
- t.timestamps
6
+ t.timestamps null: false
7
7
  end
8
8
 
9
9
  add_column :cbac_staged_permissions, :pristine_file_id, :integer
@@ -40,29 +40,28 @@ describe Cbac do
40
40
  :controller => "dating/daughter_controller",
41
41
  :action => "take_to_dinner"
42
42
  }
43
+ allow(@controller).to receive(:current_user).and_return(nil)
43
44
  end
44
45
 
45
46
  context "and the contextual requirements are fulfilled" do
46
47
  before :each do
47
- ideal_son_in_law = mock('user', :brought_flowers? => true)
48
- @controller.stub(:candidate).and_return(ideal_son_in_law)
48
+ ideal_son_in_law = double('user', :brought_flowers? => true)
49
+ allow(@controller).to receive(:candidate).and_return(ideal_son_in_law)
49
50
  end
50
51
 
51
52
  specify "the action is invoked" do
52
- @controller.authorize.should == true
53
+ expect(@controller.authorize).to be_truthy
53
54
  end
54
55
  end
55
56
 
56
57
  context "and the contextual requirements are not fulfilled" do
57
58
  before :each do
58
- some_punk = mock('user', :brought_flowers? => false)
59
- @controller.stub(:candidate).and_return(some_punk)
59
+ some_punk = double('user', :brought_flowers? => false)
60
+ allow(@controller).to receive(:candidate).and_return(some_punk)
60
61
  end
61
62
 
62
63
  specify "the action is blocked" do
63
- @controller.should_receive(:unauthorized)
64
-
65
- @controller.authorize
64
+ expect(@controller.authorize).to be_falsey
66
65
  end
67
66
  end
68
67
  end